Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 
Script opcode changes after restart help!

 
MichaelLee01
Posted: Wed Jun 17, 2020 1:31 pm    Post subject: Script opcode changes after restart help!

Here is the script:
{ Game : DeadOrSchool.exe
Version:
Date : 2020-06-18
Author : Michael

This script does blah blah blah
}

[ENABLE]

aobscan(INJECT,89 48 18 48 B8 E0 C8 9F 0A 5A 01 00 00) // should be unique
alloc(newmem,$1000)

label(code)
label(return)

newmem:

code:
mov [rax+18],ecx
mov rax,0000015A0A9FC8E0
jmp return

INJECT:
jmp newmem
nop 8
return:
registersymbol(INJECT)

[DISABLE]

INJECT:
db 89 48 18 48 B8 E0 C8 9F 0A 5A 01 00 00

unregistersymbol(INJECT)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: 15A3B5D0F95

15A3B5D0F72: 48 83 C4 20 - add rsp,20
15A3B5D0F76: 85 C0 - test eax,eax
15A3B5D0F78: 0F 85 3C 01 00 00 - jne 15A3B5D10BA
15A3B5D0F7E: 48 8B 47 50 - mov rax,[rdi+50]
15A3B5D0F82: 48 63 48 10 - movsxd rcx,dword ptr [rax+10]
15A3B5D0F86: FF C9 - dec ecx
15A3B5D0F88: 89 48 10 - mov [rax+10],ecx
15A3B5D0F8B: 48 8B 47 50 - mov rax,[rdi+50]
15A3B5D0F8F: 48 63 48 18 - movsxd rcx,dword ptr [rax+18]
15A3B5D0F93: FF C9 - dec ecx
// ---------- INJECTING HERE ----------
15A3B5D0F95: 89 48 18 - mov [rax+18],ecx
15A3B5D0F98: 48 B8 E0 C8 9F 0A 5A 01 00 00 - mov rax,0000015A0A9FC8E0
// ---------- DONE INJECTING ----------
15A3B5D0FA2: 48 8B 00 - mov rax,[rax]
15A3B5D0FA5: 48 8B 40 28 - mov rax,[rax+28]
15A3B5D0FA9: 48 8B 80 00 01 00 00 - mov rax,[rax+00000100]
15A3B5D0FB0: 48 89 85 68 FF FF FF - mov [rbp-00000098],rax
15A3B5D0FB7: 48 63 47 6C - movsxd rax,dword ptr [rdi+6C]
15A3B5D0FBB: 48 89 85 60 FF FF FF - mov [rbp-000000A0],rax
15A3B5D0FC2: 48 8B C5 - mov rax,rbp
15A3B5D0FC5: 48 83 C0 8C - add rax,-74
15A3B5D0FC9: 48 89 85 58 FF FF FF - mov [rbp-000000A8],rax
15A3B5D0FD0: 48 8B CF - mov rcx,rdi
}


This is an ammo hack.

Note: the opcode mov rax,0000015A0A9FC8E0 changes every time I restart the game. Is there a way to solve this?
happyTugs
Posted: Wed Jun 17, 2020 7:21 pm    Post subject:

The easiest fix is by injecting before 15A3B5D0F95.
Or, use wild cards along with readmem or reassemble.

The latter is slightly more tedious since you have to make your signature more 'unique' (in this case, I just added some more bytes; you have to make sure yourself).

Edit: forgot the disable section.

Code:
[ENABLE]

aobscan(INJECT,89 48 18 48 B8 ?? ?? ?? ?? ?? ?? ?? ?? 48 8B 00 48 8B 40) // ?? wildcards cover the imm64 that changes each run; the trailing bytes keep the signature unique
alloc(newmem,$1000)

label(code)
label(return)
label(INJECT_0)

newmem:

code:
mov [rax+18],ecx
readmem(INJECT+3,10) // copy the live 10-byte mov rax,imm64 from the injection point, whatever the address is this run
jmp return
INJECT_0:
readmem(INJECT,13) // keep the original 13 bytes here so [DISABLE] can restore them

INJECT:
jmp newmem
nop 8
return:
registersymbol(INJECT)
registersymbol(INJECT_0)

[DISABLE]

INJECT:
readmem(INJECT_0,13) // restore the saved original bytes instead of a hard-coded db
//db 89 48 18 48 B8 E0 C8 9F 0A 5A 01 00 00

unregistersymbol(INJECT)
unregistersymbol(INJECT_0)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: 15A3B5D0F95

15A3B5D0F72: 48 83 C4 20 - add rsp,20
15A3B5D0F76: 85 C0 - test eax,eax
15A3B5D0F78: 0F 85 3C 01 00 00 - jne 15A3B5D10BA
15A3B5D0F7E: 48 8B 47 50 - mov rax,[rdi+50]
15A3B5D0F82: 48 63 48 10 - movsxd rcx,dword ptr [rax+10]
15A3B5D0F86: FF C9 - dec ecx
15A3B5D0F88: 89 48 10 - mov [rax+10],ecx
15A3B5D0F8B: 48 8B 47 50 - mov rax,[rdi+50]
15A3B5D0F8F: 48 63 48 18 - movsxd rcx,dword ptr [rax+18]
15A3B5D0F93: FF C9 - dec ecx
// ---------- INJECTING HERE ----------
15A3B5D0F95: 89 48 18 - mov [rax+18],ecx
15A3B5D0F98: 48 B8 E0 C8 9F 0A 5A 01 00 00 - mov rax,0000015A0A9FC8E0
// ---------- DONE INJECTING ----------
15A3B5D0FA2: 48 8B 00 - mov rax,[rax]
15A3B5D0FA5: 48 8B 40 28 - mov rax,[rax+28]
15A3B5D0FA9: 48 8B 80 00 01 00 00 - mov rax,[rax+00000100]
15A3B5D0FB0: 48 89 85 68 FF FF FF - mov [rbp-00000098],rax
15A3B5D0FB7: 48 63 47 6C - movsxd rax,dword ptr [rdi+6C]
15A3B5D0FBB: 48 89 85 60 FF FF FF - mov [rbp-000000A0],rax
15A3B5D0FC2: 48 8B C5 - mov rax,rbp
15A3B5D0FC5: 48 83 C0 8C - add rax,-74
15A3B5D0FC9: 48 89 85 58 FF FF FF - mov [rbp-000000A8],rax
15A3B5D0FD0: 48 8B CF - mov rcx,rdi
}
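As an added illustration (not code from either poster or from Cheat Engine), the following Python models the two signatures from this thread against constructed byte samples of the injection site from two different runs: the exact signature only matches the run it was taken from, while the wildcarded one matches both, and the readmem(INJECT+3,10) step is shown as decoding the live imm64 of the mov rax instruction. The sample bytes for the second run are made up; the same brittleness applies to any byte signature that embeds a run-time address.

```python
"""Byte signatures that embed an absolute address break between runs;
wildcards plus reading the live bytes survive it."""
import struct

# Constructed samples: the same code region as it would appear in two runs of
# the process. Bytes 5..12 of the injection site are the imm64 of
# "mov rax,<address>"; that address is assigned at run time, so it differs.
RUN_A = bytes.fromhex("FFC9" "894818" "48B8E0C89F0A5A010000" "488B00" "488B4028")
RUN_B = bytes.fromhex("FFC9" "894818" "48B810A0B0C01E020000" "488B00" "488B4028")

EXACT_SIG = "89 48 18 48 B8 E0 C8 9F 0A 5A 01 00 00"
WILD_SIG = "89 48 18 48 B8 ?? ?? ?? ?? ?? ?? ?? ?? 48 8B 00 48 8B 40"


def parse_aob(sig):
    """Turn a Cheat Engine style AOB string into ints, with None for '??'."""
    return [None if tok == "??" else int(tok, 16) for tok in sig.split()]


def aob_scan(buf, sig):
    """Return every offset where the pattern matches; a usable signature has one."""
    pat = parse_aob(sig)
    hits = []
    for off in range(len(buf) - len(pat) + 1):
        if all(p is None or buf[off + i] == p for i, p in enumerate(pat)):
            hits.append(off)
    return hits


def read_mov_rax_imm64(buf, inject):
    """Model of readmem(INJECT+3,10): the 10-byte 'mov rax,imm64' that follows
    the 3-byte 'mov [rax+18],ecx', with its immediate decoded little-endian."""
    instr = buf[inject + 3 : inject + 13]
    if instr[:2] != b"\x48\xB8":  # REX.W + B8 = mov rax, imm64
        raise ValueError("expected mov rax,imm64 at INJECT+3")
    return struct.unpack("<Q", instr[2:])[0]


if __name__ == "__main__":
    for name, run in (("run A", RUN_A), ("run B", RUN_B)):
        exact = aob_scan(run, EXACT_SIG)
        wild = aob_scan(run, WILD_SIG)
        print(f"{name}: exact sig hits={exact}, wildcard sig hits={wild}")
        if wild:
            print(f"  live immediate: mov rax,{read_mov_rax_imm64(run, wild[0]):016X}")
```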

